
MIT Researchers Devise TOR Alternative That’s 10x Faster
Tor (The Onion Router) is now 14 years old and the biggest bugbear that users consistently moan about is speed. Riffle is billed as a significant advance in anonymity technology, offering both more reliable anonymity and speeds 10 times faster than Tor. It is a new anonymity system developed jointly by MIT and the École Polytechnique Fédérale de Lausanne. Riffle is still at the prototype stage and quite a way from becoming commercially available. Two applications have been developed, for microblogging and for file sharing.
Riffle’s approach uses multiple technologies, none of which are new, but they are layered and interact in a way that has not been done before. The overall effect is that messages are split and packets are delivered in a random sequence that is computed in advance (hence the riffle, or shuffle) and is verified at the receiving end so that the message is reassembled.
The claim of stronger anonymity rests on Tor’s known susceptibility to an attacker who introduces rogue code and predefined messages onto a node, one of its estimated 4,500 network servers. As the servers are owned and maintained by volunteers, the possibility of introducing a malicious node is obvious. The known messages can then be tracked through the network. Riffle’s architecture uses an anytrust model, which means that, so long as just one single node remains uninfected, network security is not compromised.
At its core, Riffle uses a Mixnet, a small number of networked servers, to perform the message shuffle. Unlike Tor, where messages are sent in a linear sequential manner from one node to the next, the first thing Riffle does is to send the messages to all servers in the Mixnet where a new hybrid “verifiable shuffle” of the already split message components is performed, which also creates a mathematical proof. This proof can be used to validate that the message has not been modified and protects from malicious interference with the Mixnet system.
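The anytrust property described above can be checked on a toy mixnet. This is an added example, not code from Riffle or from the article: it assumes each server is nothing more than a secret permutation applied in sequence, and it leaves out the encryption and the shuffle proof; all function names are hypothetical.

```python
import itertools
import random
from collections import Counter

def apply_perm(perm, items):
    """Output slot i receives items[perm[i]]."""
    return [items[p] for p in perm]

def mix(perms, messages):
    """Pass the batch through each server's shuffle in order."""
    batch = list(messages)
    for perm in perms:
        batch = apply_perm(perm, batch)
    return batch

def adversary_view(n, known_before, known_after):
    """Count every sender-to-slot mapping consistent with the adversary's knowledge.

    The adversary runs every server except one, so it knows known_before and
    known_after, but it has to consider every permutation the single honest
    server might have used.
    """
    senders = list(range(n))
    outcomes = Counter()
    for honest in itertools.permutations(range(n)):
        chain = known_before + [list(honest)] + known_after
        outcomes[tuple(mix(chain, senders))] += 1
    return outcomes

def demo(n=4, seed=1):
    """Two compromised servers around one honest server, n messages."""
    rng = random.Random(seed)  # constructed sample shuffles, not key material

    def rand_perm():
        p = list(range(n))
        rng.shuffle(p)
        return p

    return adversary_view(n, [rand_perm()], [rand_perm()])

if __name__ == "__main__":
    view = demo()
    print(len(view), "possible mappings, each seen", set(view.values()), "time(s)")
```

Every one of the 24 possible orderings of four messages appears exactly once, so knowing the compromised servers' shuffles tells the adversary nothing about which sender ended up in which output slot.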
The network nodes utilize shared private key encryption, which in turn depends on authentication encryption, and is used in conjunction with the Onion Layer model of successive layers of message data. Each node receives the authenticated private key. This process renders the packets effectively indecipherable except to the network nodes, where each layer is stripped to reveal the next encrypted routing directions to the next node. Messages are retrieved by the receiving party using Private Information Retrieval (PIR) to further assist with client anonymity.
The 10x speed enhancement over Tor has been measured in independent tests. Riffle’s combination of the verifiable shuffle and PIR yields compute and bandwidth efficiencies that add up to significantly faster throughput than Tor can achieve.
At this early stage, the future for Riffle is still unclear. The security community will take it to pieces to fully test its potential and further validate (or disprove) its heightened security claims. If proven, it will no doubt be welcomed by Internet users living under oppressive regimes where staying alive can depend on total anonymity in Internet terms. Its speed alone may position it as “the new Tor” and see it take over the mantle of the most popular anonymity technology. Right now, it’s a watch-and-wait brief to observe its progress from prototype to something tried and trusted.